Microsoft issues warning against Ransomware attack on Poland, Ukraine and Bulgaria

    Microsoft’s Threat Intelligence Centre (MSTIC) has issued an alert to organizations operating in Ukraine, Poland and Bulgaria about a ransomware campaign that aims either to wipe data from the target or to encrypt it until a ransom is paid.

    Interestingly, the campaign starts after the theft of Active Directory admin account credentials, and by the time network admins learn about the incident, the damage is done.

    The Windows operating system giant has identified the Prestige Ransomware gang as the culprit, and the gang is currently focusing on enterprises operating in Ukraine, Poland, and Bulgaria.

    The Russian state is suspected of being behind the development and distribution of Prestige Ransomware, and the Internal Affairs Ministry, Defense Ministry, Justice Ministry and Constitutional Court of Bulgaria have already been hit.

    Sometimes the file-encrypting malware campaign turns into a data wiper: Microsoft has evidence that some computer networks were hit with the destructive HermeticWiper malware, malicious software that attained importance after Putin started an invasion of the Volodymyr Zelenskyy-led nation.

    NOTE: Coming to the war, it seems the leaders on both sides are no longer in a mood to negotiate. The pressure from international adversaries might trigger a nuclear war at any time, as Russian leader Putin seems to have lost his patience over western interference in his war with Kyiv. There is a high probability that the Kremlin might also launch secret digital attacks on the infrastructure operating satellites around the world, as he wants to cut off Ukraine’s communication access with the world in the coming days and then intensify missile attacks on the innocent populace of the neighboring nation, in the hope that they will come down to their knees for peace.


    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security.
